CVSS: 7.8EPSS: 0%CPEs: 38EXPL: 0CVE-2024-1394 – Golang-fips/openssl: memory leaks in code encrypting and decrypting rsa payloads
https://notcve.org/view.php?id=CVE-2024-1394
21 Mar 2024 — A memory leak flaw was found in Golang in the RSA encrypting/decrypting code, which might lead to a resource exhaustion vulnerability using attacker-controlled inputs. The memory leak happens in github.com/golang-fips/openssl/openssl/rsa.go#L113. The objects leaked are pkey and ctx. That function uses named return parameters to free pkey and ctx if there is an error initializing the context or setting the different properties. All return statements related to error cases follow the "return nil, nil, fa... • https://access.redhat.com/errata/RHSA-2024:1462 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 8.6EPSS: 0%CPEs: 28EXPL: 0CVE-2024-1753 – Buildah: full container escape at build time
https://notcve.org/view.php?id=CVE-2024-1753
18 Mar 2024 — A flaw was found in Buildah (and subsequently Podman Build) which allows containers to mount arbitrary locations on the host filesystem into build containers. A malicious Containerfile can use a dummy image with a symbolic link to the root filesystem as a mount source and cause the mount operation to mount the host root filesystem inside the RUN step. The commands inside the RUN step will then have read-write access to the host filesystem, allowing for full container escape at build time. Se encontró una fa... • https://access.redhat.com/errata/RHSA-2024:2049 • CWE-59: Improper Link Resolution Before File Access ('Link Following') CWE-269: Improper Privilege Management •
CVSS: 5.3EPSS: 0%CPEs: 7EXPL: 0CVE-2023-7250 – Iperf3: possible denial of service
https://notcve.org/view.php?id=CVE-2023-7250
18 Mar 2024 — A flaw was found in iperf, a utility for testing network performance using TCP, UDP, and SCTP. A malicious or malfunctioning client can send less than the expected amount of data to the iperf server, which can cause the server to hang indefinitely waiting for the remainder or until the connection gets closed. This will prevent other connections to the server, leading to a denial of service. Se encontró una falla en iperf, una utilidad para probar el rendimiento de la red mediante TCP, UDP y SCTP. Un cliente... • https://access.redhat.com/errata/RHSA-2024:4241 • CWE-183: Permissive List of Allowed Inputs •
CVSS: 6.5EPSS: 0%CPEs: 32EXPL: 0CVE-2023-28746 – kernel: Local information disclosure on Intel(R) Atom(R) processors
https://notcve.org/view.php?id=CVE-2023-28746
14 Mar 2024 — Information exposure through microarchitectural state after transient execution from some register files for some Intel(R) Atom(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. La exposición de la información a través del estado de la microarquitectura después de la ejecución transitoria de algunos archivos de registro para algunos procesadores Intel(R) Atom(R) puede permitir que un usuario autenticado potencialmente habilite la divulgación de info... • http://www.openwall.com/lists/oss-security/2024/03/12/13 • CWE-1342: Information Exposure through Microarchitectural State after Transient Execution •
CVSS: 5.5EPSS: 0%CPEs: 20EXPL: 1CVE-2024-1441 – Libvirt: off-by-one error in udevlistinterfacesbystatus()
https://notcve.org/view.php?id=CVE-2024-1441
11 Mar 2024 — An off-by-one error flaw was found in the udevListInterfacesByStatus() function in libvirt when the number of interfaces exceeds the size of the `names` array. This issue can be reproduced by sending specially crafted data to the libvirt daemon, allowing an unprivileged client to perform a denial of service attack by causing the libvirt daemon to crash. Se encontró una falla de error uno por uno en la función udevListInterfacesByStatus() en libvirt cuando el número de interfaces excede el tamaño de la matri... • https://github.com/almkuznetsov/CVE-2024-1441 • CWE-193: Off-by-one Error •
CVSS: 7.8EPSS: 0%CPEs: 20EXPL: 0CVE-2024-26458 – krb5: Memory leak at /krb5/src/lib/rpc/pmap_rmt.c
https://notcve.org/view.php?id=CVE-2024-26458
26 Feb 2024 — Kerberos 5 (aka krb5) 1.21.2 contains a memory leak in /krb5/src/lib/rpc/pmap_rmt.c. Kerberos 5 (también conocido como krb5) 1.21.2 contiene una pérdida de memoria en /krb5/src/lib/rpc/pmap_rmt.c. A memory leak flaw was found in krb5 in /krb5/src/lib/rpc/pmap_rmt.c. This issue can lead to a denial of service through memory exhaustion. • https://github.com/LuMingYinDetect/krb5_defects/blob/main/krb5_detect_1.md • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.8EPSS: 0%CPEs: 21EXPL: 0CVE-2024-26461 – krb5: Memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c
https://notcve.org/view.php?id=CVE-2024-26461
26 Feb 2024 — Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in /krb5/src/lib/gssapi/krb5/k5sealv3.c. Kerberos 5 (también conocido como krb5) 1.21.2 contiene una vulnerabilidad de pérdida de memoria en /krb5/src/lib/gssapi/krb5/k5sealv3.c. A memory leak flaw was found in krb5 in /krb5/src/lib/gssapi/krb5/k5sealv3.c. This issue can lead to a denial of service through memory exhaustion. • https://github.com/LuMingYinDetect/krb5_defects/blob/main/krb5_detect_2.md • CWE-401: Missing Release of Memory after Effective Lifetime CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 9.0EPSS: 0%CPEs: 19EXPL: 0CVE-2024-24474
https://notcve.org/view.php?id=CVE-2024-24474
20 Feb 2024 — QEMU before 8.2.0 has an integer underflow, and resultant buffer overflow, via a TI command when an expected non-DMA transfer length is less than the length of the available FIFO data. This occurs in esp_do_nodma in hw/scsi/esp.c because of an underflow of async_len. QEMU anterior a 8.2.0 tiene un desbordamiento de número entero y un desbordamiento de búfer resultante, a través de un comando TI cuando una longitud de transferencia esperada que no es DMA es menor que la longitud de los datos FIFO disponibles... • https://gist.github.com/1047524396/5ce07b9d387095c276b1cd234ae5615e • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 6.5EPSS: 0%CPEs: 13EXPL: 0CVE-2024-26327 – QEMU: SR-IOV: improper validation of NumVFs leads to buffer overflow
https://notcve.org/view.php?id=CVE-2024-26327
19 Feb 2024 — An issue was discovered in QEMU 7.1.0 through 8.2.1. register_vfs in hw/pci/pcie_sriov.c mishandles the situation where a guest writes NumVFs greater than TotalVFs, leading to a buffer overflow in VF implementations. Se descubrió un problema en QEMU 7.1.0 a 8.2.1. Register_vfs en hw/pci/pcie_sriov.c maneja mal la situación en la que un invitado escribe NumVF mayores que TotalVF, lo que provoca un desbordamiento del búfer en las implementaciones de VF. A flaw was found in the SR/IOV emulation support of QEMU... • https://lore.kernel.org/all/20240214-reuse-v4-5-89ad093a07f4%40daynix.com • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-122: Heap-based Buffer Overflow •
CVSS: 6.0EPSS: 0%CPEs: 12EXPL: 0CVE-2024-26328
https://notcve.org/view.php?id=CVE-2024-26328
19 Feb 2024 — An issue was discovered in QEMU 7.1.0 through 8.2.1. register_vfs in hw/pci/pcie_sriov.c does not set NumVFs to PCI_SRIOV_TOTAL_VF, and thus interaction with hw/nvme/ctrl.c is mishandled. Se descubrió un problema en QEMU 7.1.0 a 8.2.1. Register_vfs en hw/pci/pcie_sriov.c no configura NumVFs en PCI_SRIOV_TOTAL_VF y, por lo tanto, la interacción con hw/nvme/ctrl.c no se maneja correctamente. • https://lore.kernel.org/all/20240213055345-mutt-send-email-mst%40kernel.org •